Link to home
Start Free TrialLog in
Avatar of ale1981
ale1981

asked on

Add a new 2003 Domain Controller to take control from old Server 2000 DC

Our current Domain Controller is an old Windows 2000 Server box, this is also our DHCP and DNS server.

I want to add a new Domain Controller to the domain, this will be a Windows 2003 Server with DHCP and DNS, once this is setup, I can then remove the old Server 2000 box.

How do I go about doing this? Will adding another AD, DNS, DHCP while the old server is still running cause problems?


Thanks
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image

The general procedure is:

Install Windows 2003 on the new machine

Assign the new computer an IP address and subnet mask on the existing network
Make sure that the preferred DNS server on new machine points to the existing DNS Server on the Domain (normally the existing domain controller)

Join the new machine to the existing domain as a member server

From the command line promote the new machine to a domain controller with the DCPROMO command from the command line Select "Additional Domain Controller in an existing Domain"

Once Active Directory is installed then to make the new machine a global catalog server, go to Administrative Tools, Active Directory Sites and Services, Expand ,Sites, Default first site and Servers. Right click on the new server and select properties and tick the "Global Catalog" checkbox. (Global catalog is essential for logon as it needs to be queried to establish Universal Group Membership)

Make sure the new DC is also a DNS server, install DNS. Assuming that you were using Active Directory Integrated DNS on the first Domain Controller, DNS will have replicated to the new domain controller along with Active Directory.

All the clients (and the domain controllers themselves) need to have their Preferred DNS server set to one domain controller, and the Alternate DNS to the other, that way if one of the DNS Servers fails, the clients will automatically use the other - this some will machines will need this setting in the TCP/IP properties of the NIC, others will need to have it set via the DHCP options.

Both Domain Controllers by this point will have Active Directory, Global Catalog, DNS and DHCP. You now need to transfer the FSMO roles  - see http://www.petri.co.il/transferring_fsmo_roles.htm

You are now ready to remove the old DC (or you can leave it running to provide resilliance)

First:-

DNS: Make sure that all of your clients are set to use the new DC as their Preferred DNS server (either by static entries or DHCP options)

Power down to old DC and make sure that all is well.

Once satisfied power on the old DC again, then run DCPROMO for remove it's domain controller status.

If you want to remove the machine from the domain then you can do so one it's DC role has been removed.
Avatar of ale1981
ale1981

ASKER

Thanks KCTS I will give this a go and get back to you!
ASKER CERTIFIED SOLUTION
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup Zone:
Accept KCTS's comment as the answer.

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Slam69 Cleanup volunteer